vaspera 2.7.0 → 2.9.0

package/dist/analysis/data-flow.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"data-flow.d.ts","sourceRoot":"","sources":["../../src/analysis/data-flow.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAIH,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,2BAA2B,CAAC;AAO1D;;GAEG;AACH,MAAM,MAAM,UAAU,GAAG,WAAW,GAAG,cAAc,GAAG,SAAS,CAAC;AAElE;;GAEG;AACH,MAAM,MAAM,cAAc,GACtB,YAAY,GACZ,cAAc,GACd,WAAW,GACX,SAAS,GACT,UAAU,GACV,WAAW,GACX,WAAW,GACX,QAAQ,GACR,QAAQ,CAAC;AAEb;;GAEG;AACH,MAAM,MAAM,YAAY,GACpB,WAAW,GACX,cAAc,GACd,YAAY,GACZ,iBAAiB,GACjB,MAAM,GACN,iBAAiB,GACjB,aAAa,GACb,UAAU,GACV,YAAY,GACZ,eAAe,CAAC;AAEpB;;GAEG;AACH,MAAM,MAAM,aAAa,GAAG,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;AAEnE;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,gBAAgB;IAChB,IAAI,EAAE,MAAM,CAAC;IAEb,kBAAkB;IAClB,IAAI,EAAE,MAAM,CAAC;IAEb,+BAA+B;IAC/B,MAAM,CAAC,EAAE,MAAM,CAAC;IAEhB,mBAAmB;IACnB,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB,wBAAwB;IACxB,EAAE,EAAE,MAAM,CAAC;IAEX,qBAAqB;IACrB,IAAI,EAAE,cAAc,CAAC;IAErB,uBAAuB;IACvB,QAAQ,EAAE,YAAY,CAAC;IAEvB,iDAAiD;IACjD,QAAQ,EAAE,MAAM,CAAC;IAEjB,kBAAkB;IAClB,UAAU,EAAE,UAAU,CAAC;IAEvB,kBAAkB;IAClB,WAAW,EAAE,MAAM,CAAC;IAEpB,8CAA8C;IAC9C,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED;;GAEG;AACH,MAAM,WAAW,QAAQ;IACvB,wBAAwB;IACxB,EAAE,EAAE,MAAM,CAAC;IAEX,mBAAmB;IACnB,IAAI,EAAE,YAAY,CAAC;IAEnB,uBAAuB;IACvB,QAAQ,EAAE,YAAY,CAAC;IAEvB,8BAA8B;IAC9B,QAAQ,EAAE,MAAM,CAAC;IAEjB,iBAAiB;IACjB,SAAS,EAAE,aAAa,CAAC;IAEzB,kBAAkB;IAClB,WAAW,EAAE,MAAM,CAAC;IAEpB,oCAAoC;IACpC,eAAe,CAAC,EAAE,MAAM,EAAE,CAAC;IAE3B,8CAA8C;IAC9C,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED;;GAEG;AACH,MAAM,WAAW,SAAS;IACxB,wBAAwB;IACxB,EAAE,EAAE,MAAM,CAAC;IAEX,8BAA8B;IAC9B,QAAQ,EAAE,MAAM,CAAC;IAEjB,uBAAuB;IACvB,QAAQ,EAAE,YAAY,CAAC;IAEvB,yCAAyC;IACzC,YAAY,EAAE,YAAY,EAAE,CAAC;IAE7B,kBAAkB;IAClB,WAAW,EAAE,MAAM,CAAC;CACrB;AAED;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,yBAAyB;IACzB,MAAM,EAAE,UAAU,CAAC;IAEnB,kCAAkC;IAClC,IAAI,EAAE,QAAQ,CAAC;IAEf,yCAAyC;IACzC,IAAI,EAAE,YAAY,EAAE,CAAC;IAErB,kDAAkD;IAClD,sBAAsB,EAAE,OAAO,CAAC;IAEhC,iCAAiC;IACjC,kBAAkB,CAAC,EAAE,YAAY,EAAE,CAAC;IAEpC,8BAA8B;IAC9B,SAAS,EAAE,QAAQ,CAAC;IAEpB,uCAAuC;IACvC,WAAW,EAAE,MAAM,CAAC;CACrB;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,6BAA6B;IAC7B,OAAO,EAAE,UAAU,EAAE,CAAC;IAEtB,2BAA2B;IAC3B,KAAK,EAAE,QAAQ,EAAE,CAAC;IAElB,gCAAgC;IAChC,UAAU,EAAE,SAAS,EAAE,CAAC;IAExB,0BAA0B;IAC1B,KAAK,EAAE,YAAY,EAAE,CAAC;IAEtB,iBAAiB;IACjB,KAAK,EAAE;QACL,YAAY,EAAE,MAAM,CAAC;QACrB,UAAU,EAAE,MAAM,CAAC;QACnB,eAAe,EAAE,MAAM,CAAC;QACxB,UAAU,EAAE,MAAM,CAAC;QACnB,UAAU,EAAE,MAAM,CAAC;QACnB,cAAc,EAAE,MAAM,CAAC;KACxB,CAAC;CACH;AA6WD;;GAEG;AACH,wBAAsB,oBAAoB,CACxC,WAAW,EAAE,MAAM,EACnB,KAAK,CAAC,EAAE,MAAM,EAAE,GACf,OAAO,CAAC,eAAe,CAAC,CA+C1B;AAED;;GAEG;AACH,wBAAgB,aAAa,CAAC,OAAO,EAAE,eAAe,GAAG,YAAY,EAAE,CAEtE;AAED;;GAEG;AACH,wBAAgB,kBAAkB,CAChC,OAAO,EAAE,eAAe,EACxB,QAAQ,EAAE,QAAQ,GACjB,YAAY,EAAE,CAEhB;AAED;;GAEG;AACH,wBAAgB,mBAAmB,CACjC,UAAU,EAAE,YAAY,EAAE,EAC1B,QAAQ,SAAK,GACZ,MAAM,CAgBR"}

package/dist/analysis/data-flow.js

@@ -0,0 +1,393 @@
+/**
+ * Data Flow Analysis Module
+ *
+ * Tracks data flow from sources (user input, API responses) to sinks
+ * (database writes, command execution) to identify potential vulnerabilities.
+ *
+ * This module provides the foundation for semantic vulnerability detection
+ * by identifying risky data flows that bypass sanitization.
+ *
+ * @module analysis/data-flow
+ */
+import { readFile } from "fs/promises";
+import { join, extname } from "path";
+import { logger } from "../logger.js";
+// ============================================================================
+// Pattern Definitions
+// ============================================================================
+/**
+ * Patterns for identifying data sources by language
+ */
+const SOURCE_PATTERNS = {
+    javascript: [
+        // Express.js patterns
+        { pattern: /req\.body(?:\.\w+)?/g, type: "user-input", trustLevel: "untrusted" },
+        { pattern: /req\.params(?:\.\w+)?/g, type: "url-param", trustLevel: "untrusted" },
+        { pattern: /req\.query(?:\.\w+)?/g, type: "url-param", trustLevel: "untrusted" },
+        { pattern: /req\.headers(?:\[['"][^'"]+['"]\])?/g, type: "header", trustLevel: "untrusted" },
+        { pattern: /req\.cookies(?:\.\w+)?/g, type: "cookie", trustLevel: "untrusted" },
+        // Fetch/API responses
+        { pattern: /\.json\(\)/g, type: "api-response", trustLevel: "semi-trusted" },
+        { pattern: /await\s+fetch\([^)]+\)/g, type: "api-response", trustLevel: "semi-trusted" },
+        // Environment variables
+        { pattern: /process\.env(?:\.\w+|\[['"][^'"]+['"]\])/g, type: "env-var", trustLevel: "trusted" },
+        // File reads
+        { pattern: /readFile(?:Sync)?\([^)]+\)/g, type: "file-read", trustLevel: "semi-trusted" },
+        { pattern: /fs\.read(?:File)?(?:Sync)?\([^)]+\)/g, type: "file-read", trustLevel: "semi-trusted" },
+    ],
+    typescript: [], // Same as JavaScript, will extend
+    python: [
+        // Flask patterns
+        { pattern: /request\.(?:form|json|args|data|values)(?:\[['"][^'"]+['"]\])?/g, type: "user-input", trustLevel: "untrusted" },
+        { pattern: /request\.headers(?:\[['"][^'"]+['"]\])?/g, type: "header", trustLevel: "untrusted" },
+        { pattern: /request\.cookies(?:\[['"][^'"]+['"]\])?/g, type: "cookie", trustLevel: "untrusted" },
+        // Django patterns
+        { pattern: /request\.(?:GET|POST|FILES)(?:\[['"][^'"]+['"]\])?/g, type: "user-input", trustLevel: "untrusted" },
+        // Environment
+        { pattern: /os\.(?:getenv|environ)(?:\[['"][^'"]+['"]\]|\(['"][^'"]+['"]\))/g, type: "env-var", trustLevel: "trusted" },
+        // File reads
+        { pattern: /open\([^)]+\)\.read\(\)/g, type: "file-read", trustLevel: "semi-trusted" },
+    ],
+};
+/**
+ * Patterns for identifying data sinks by language
+ */
+const SINK_PATTERNS = {
+    javascript: [
+        // SQL
+        { pattern: /\.query\([^)]+\)/g, type: "sql-query", riskLevel: "critical", function: "query" },
+        { pattern: /\.execute\([^)]+\)/g, type: "sql-query", riskLevel: "critical", function: "execute" },
+        { pattern: /\.raw\([^)]+\)/g, type: "sql-query", riskLevel: "critical", function: "raw" },
+        // Command execution
+        { pattern: /exec\([^)]+\)/g, type: "command-exec", riskLevel: "critical", function: "exec" },
+        { pattern: /execSync\([^)]+\)/g, type: "command-exec", riskLevel: "critical", function: "execSync" },
+        { pattern: /spawn\([^)]+\)/g, type: "command-exec", riskLevel: "high", function: "spawn" },
+        // Eval
+        { pattern: /eval\([^)]+\)/g, type: "eval", riskLevel: "critical", function: "eval" },
+        { pattern: /Function\([^)]+\)/g, type: "eval", riskLevel: "critical", function: "Function" },
+        { pattern: /vm\.runInContext\([^)]+\)/g, type: "eval", riskLevel: "critical", function: "vm.runInContext" },
+        // File writes
+        { pattern: /writeFile(?:Sync)?\([^)]+\)/g, type: "file-write", riskLevel: "high", function: "writeFile" },
+        { pattern: /fs\.write(?:File)?(?:Sync)?\([^)]+\)/g, type: "file-write", riskLevel: "high", function: "fs.writeFile" },
+        // HTML rendering
+        { pattern: /\.innerHTML\s*=/g, type: "html-render", riskLevel: "high", function: "innerHTML" },
+        { pattern: /document\.write\([^)]+\)/g, type: "html-render", riskLevel: "high", function: "document.write" },
+        // Redirects
+        { pattern: /res\.redirect\([^)]+\)/g, type: "redirect", riskLevel: "medium", function: "res.redirect" },
+        { pattern: /location\.href\s*=/g, type: "redirect", riskLevel: "medium", function: "location.href" },
+    ],
+    typescript: [], // Same as JavaScript
+    python: [
+        // SQL
+        { pattern: /\.execute\([^)]+\)/g, type: "sql-query", riskLevel: "critical", function: "execute" },
+        { pattern: /cursor\.execute\([^)]+\)/g, type: "sql-query", riskLevel: "critical", function: "cursor.execute" },
+        // Command execution
+        { pattern: /os\.system\([^)]+\)/g, type: "command-exec", riskLevel: "critical", function: "os.system" },
+        { pattern: /subprocess\.(?:run|call|Popen)\([^)]+\)/g, type: "command-exec", riskLevel: "critical", function: "subprocess" },
+        // Eval
+        { pattern: /eval\([^)]+\)/g, type: "eval", riskLevel: "critical", function: "eval" },
+        { pattern: /exec\([^)]+\)/g, type: "eval", riskLevel: "critical", function: "exec" },
+        // File writes
+        { pattern: /open\([^,]+,\s*['"]w['"]\)/g, type: "file-write", riskLevel: "high", function: "open(write)" },
+    ],
+};
+/**
+ * Patterns for identifying sanitizers
+ */
+const SANITIZER_PATTERNS = {
+    javascript: [
+        { pattern: /escape(?:Html)?\(/g, function: "escapeHtml", sanitizesFor: ["html-render"] },
+        { pattern: /sanitize(?:Html)?\(/g, function: "sanitizeHtml", sanitizesFor: ["html-render"] },
+        { pattern: /DOMPurify\.sanitize\(/g, function: "DOMPurify.sanitize", sanitizesFor: ["html-render"] },
+        { pattern: /encodeURIComponent\(/g, function: "encodeURIComponent", sanitizesFor: ["redirect", "url-param"] },
+        { pattern: /parameterized|prepared|placeholder/gi, function: "prepared statement", sanitizesFor: ["sql-query"] },
+        { pattern: /\$\d+|\?/g, function: "parameterized query", sanitizesFor: ["sql-query"] },
+    ],
+    python: [
+        { pattern: /escape\(/g, function: "escape", sanitizesFor: ["html-render"] },
+        { pattern: /bleach\.clean\(/g, function: "bleach.clean", sanitizesFor: ["html-render"] },
+        { pattern: /quote\(/g, function: "quote", sanitizesFor: ["sql-query"] },
+        { pattern: /%s|:\w+/g, function: "parameterized", sanitizesFor: ["sql-query"] },
+    ],
+};
+// Copy JS patterns to TS
+SOURCE_PATTERNS.typescript = SOURCE_PATTERNS.javascript;
+SINK_PATTERNS.typescript = SINK_PATTERNS.javascript;
+SANITIZER_PATTERNS.typescript = SANITIZER_PATTERNS.javascript;
+// ============================================================================
+// Analysis Functions
+// ============================================================================
+/**
+ * Get language from file extension
+ */
+function getLanguage(filePath) {
+    const ext = extname(filePath).toLowerCase();
+    const langMap = {
+        ".js": "javascript",
+        ".mjs": "javascript",
+        ".cjs": "javascript",
+        ".jsx": "javascript",
+        ".ts": "typescript",
+        ".tsx": "typescript",
+        ".py": "python",
+    };
+    return langMap[ext] || "unknown";
+}
+/**
+ * Generate a unique ID
+ */
+function generateId(prefix) {
+    return `${prefix}-${Date.now().toString(36)}-${Math.random().toString(36).slice(2, 6)}`;
+}
+/**
+ * Find line number for a match position
+ */
+function getLineNumber(content, position) {
+    return content.slice(0, position).split("\n").length;
+}
+/**
+ * Get code snippet around a position
+ */
+function getSnippet(content, line, contextLines = 1) {
+    const lines = content.split("\n");
+    const start = Math.max(0, line - contextLines - 1);
+    const end = Math.min(lines.length, line + contextLines);
+    return lines.slice(start, end).join("\n");
+}
+/**
+ * Identify data sources in a file
+ */
+async function identifySourcesInFile(filePath, content) {
+    const language = getLanguage(filePath);
+    const patterns = SOURCE_PATTERNS[language] || [];
+    const sources = [];
+    for (const { pattern, type, trustLevel } of patterns) {
+        const regex = new RegExp(pattern.source, pattern.flags);
+        let match;
+        while ((match = regex.exec(content)) !== null) {
+            const line = getLineNumber(content, match.index);
+            sources.push({
+                id: generateId("src"),
+                type,
+                location: {
+                    file: filePath,
+                    line,
+                    snippet: getSnippet(content, line),
+                },
+                variable: match[0],
+                trustLevel,
+                description: `${type} at ${filePath}:${line}`,
+                pattern: pattern.source,
+            });
+        }
+    }
+    return sources;
+}
+/**
+ * Identify data sinks in a file
+ */
+async function identifySinksInFile(filePath, content) {
+    const language = getLanguage(filePath);
+    const patterns = SINK_PATTERNS[language] || [];
+    const sinks = [];
+    for (const { pattern, type, riskLevel, function: fn } of patterns) {
+        const regex = new RegExp(pattern.source, pattern.flags);
+        let match;
+        while ((match = regex.exec(content)) !== null) {
+            const line = getLineNumber(content, match.index);
+            sinks.push({
+                id: generateId("sink"),
+                type,
+                location: {
+                    file: filePath,
+                    line,
+                    snippet: getSnippet(content, line),
+                },
+                function: fn,
+                riskLevel,
+                description: `${type} (${fn}) at ${filePath}:${line}`,
+                pattern: pattern.source,
+            });
+        }
+    }
+    return sinks;
+}
+/**
+ * Identify sanitizers in a file
+ */
+async function identifySanitizersInFile(filePath, content) {
+    const language = getLanguage(filePath);
+    const patterns = SANITIZER_PATTERNS[language] || [];
+    const sanitizers = [];
+    for (const { pattern, function: fn, sanitizesFor } of patterns) {
+        const regex = new RegExp(pattern.source, pattern.flags);
+        let match;
+        while ((match = regex.exec(content)) !== null) {
+            const line = getLineNumber(content, match.index);
+            sanitizers.push({
+                id: generateId("san"),
+                function: fn,
+                location: {
+                    file: filePath,
+                    line,
+                    snippet: getSnippet(content, line),
+                },
+                sanitizesFor,
+                description: `Sanitizer ${fn} at ${filePath}:${line}`,
+            });
+        }
+    }
+    return sanitizers;
+}
+/**
+ * Determine if a source-sink pair has a sanitizer between them
+ */
+function hasSanitizerBetween(source, sink, sanitizers) {
+    // Simple heuristic: check if there's a sanitizer in the same file
+    // between the source and sink lines, and if it sanitizes for this sink type
+    const relevantSanitizers = sanitizers.filter((s) => s.location.file === source.location.file &&
+        s.location.file === sink.location.file &&
+        s.location.line > source.location.line &&
+        s.location.line < sink.location.line &&
+        s.sanitizesFor.includes(sink.type));
+    return {
+        sanitized: relevantSanitizers.length > 0,
+        sanitizerLocations: relevantSanitizers.map((s) => s.location),
+    };
+}
+/**
+ * Calculate risk level for a flow
+ */
+function calculateFlowRisk(source, sink, sanitized) {
+    if (sanitized) {
+        return "info";
+    }
+    if (source.trustLevel === "untrusted") {
+        if (sink.riskLevel === "critical")
+            return "critical";
+        if (sink.riskLevel === "high")
+            return "high";
+        return "medium";
+    }
+    if (source.trustLevel === "semi-trusted") {
+        if (sink.riskLevel === "critical")
+            return "high";
+        if (sink.riskLevel === "high")
+            return "medium";
+        return "low";
+    }
+    return "low";
+}
+/**
+ * Identify potential data flows between sources and sinks
+ */
+function identifyFlows(sources, sinks, sanitizers) {
+    const flows = [];
+    // Simple heuristic: match sources and sinks in the same file
+    // More sophisticated analysis would use actual data flow tracking
+    for (const source of sources) {
+        for (const sink of sinks) {
+            // Only connect sources and sinks in the same file (simplified)
+            if (source.location.file !== sink.location.file) {
+                continue;
+            }
+            // Only connect if sink comes after source
+            if (sink.location.line <= source.location.line) {
+                continue;
+            }
+            const { sanitized, sanitizerLocations } = hasSanitizerBetween(source, sink, sanitizers);
+            const riskLevel = calculateFlowRisk(source, sink, sanitized);
+            flows.push({
+                source,
+                sink,
+                path: [source.location, sink.location],
+                passesThroughSanitizer: sanitized,
+                sanitizerLocations: sanitized ? sanitizerLocations : undefined,
+                riskLevel,
+                description: sanitized
+                    ? `Sanitized flow from ${source.type} to ${sink.type}`
+                    : `Unsanitized ${source.trustLevel} data flows to ${sink.type}`,
+            });
+        }
+    }
+    return flows;
+}
+// ============================================================================
+// Public API
+// ============================================================================
+/**
+ * Build data flow context for a project
+ */
+export async function buildDataFlowContext(projectPath, files) {
+    const allSources = [];
+    const allSinks = [];
+    const allSanitizers = [];
+    // If no files provided, this would scan the project
+    // For now, accept a list of files to analyze
+    const filesToAnalyze = files || [];
+    for (const filePath of filesToAnalyze) {
+        try {
+            const fullPath = join(projectPath, filePath);
+            const content = await readFile(fullPath, "utf-8");
+            const sources = await identifySourcesInFile(filePath, content);
+            const sinks = await identifySinksInFile(filePath, content);
+            const sanitizers = await identifySanitizersInFile(filePath, content);
+            allSources.push(...sources);
+            allSinks.push(...sinks);
+            allSanitizers.push(...sanitizers);
+        }
+        catch (error) {
+            logger.warn("data-flow.file_read_error", {
+                file: filePath,
+                error: error instanceof Error ? error.message : String(error),
+            });
+        }
+    }
+    const flows = identifyFlows(allSources, allSinks, allSanitizers);
+    const riskyFlows = flows.filter((f) => !f.passesThroughSanitizer);
+    const sanitizedFlows = flows.filter((f) => f.passesThroughSanitizer);
+    return {
+        sources: allSources,
+        sinks: allSinks,
+        sanitizers: allSanitizers,
+        flows,
+        stats: {
+            totalSources: allSources.length,
+            totalSinks: allSinks.length,
+            totalSanitizers: allSanitizers.length,
+            totalFlows: flows.length,
+            riskyFlows: riskyFlows.length,
+            sanitizedFlows: sanitizedFlows.length,
+        },
+    };
+}
+/**
+ * Get only risky (unsanitized) flows
+ */
+export function getRiskyFlows(context) {
+    return context.flows.filter((f) => !f.passesThroughSanitizer);
+}
+/**
+ * Get flows by severity
+ */
+export function getFlowsBySeverity(context, severity) {
+    return context.flows.filter((f) => f.riskLevel === severity);
+}
+/**
+ * Format context for LLM analysis
+ */
+export function formatContextForLLM(riskyFlows, maxFlows = 10) {
+    const flows = riskyFlows.slice(0, maxFlows);
+    let output = "# Risky Data Flows Detected\n\n";
+    output += `Found ${riskyFlows.length} unsanitized data flows. Showing top ${flows.length}:\n\n`;
+    for (const flow of flows) {
+        output += `## ${flow.source.type} → ${flow.sink.type} (${flow.riskLevel})\n\n`;
+        output += `**Source:** ${flow.source.location.file}:${flow.source.location.line}\n`;
+        output += `\`\`\`\n${flow.source.location.snippet || flow.source.variable}\n\`\`\`\n\n`;
+        output += `**Sink:** ${flow.sink.location.file}:${flow.sink.location.line}\n`;
+        output += `\`\`\`\n${flow.sink.location.snippet || flow.sink.function}\n\`\`\`\n\n`;
+        output += `**Risk:** ${flow.description}\n\n---\n\n`;
+    }
+    return output;
+}
+//# sourceMappingURL=data-flow.js.map

package/dist/analysis/data-flow.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"data-flow.js","sourceRoot":"","sources":["../../src/analysis/data-flow.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,OAAO,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAC;AACvC,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,MAAM,CAAC;AAErC,OAAO,EAAE,MAAM,EAAE,MAAM,cAAc,CAAC;AA8LtC,+EAA+E;AAC/E,sBAAsB;AACtB,+EAA+E;AAE/E;;GAEG;AACH,MAAM,eAAe,GAA6F;IAChH,UAAU,EAAE;QACV,sBAAsB;QACtB,EAAE,OAAO,EAAE,sBAAsB,EAAE,IAAI,EAAE,YAAY,EAAE,UAAU,EAAE,WAAW,EAAE;QAChF,EAAE,OAAO,EAAE,wBAAwB,EAAE,IAAI,EAAE,WAAW,EAAE,UAAU,EAAE,WAAW,EAAE;QACjF,EAAE,OAAO,EAAE,uBAAuB,EAAE,IAAI,EAAE,WAAW,EAAE,UAAU,EAAE,WAAW,EAAE;QAChF,EAAE,OAAO,EAAE,sCAAsC,EAAE,IAAI,EAAE,QAAQ,EAAE,UAAU,EAAE,WAAW,EAAE;QAC5F,EAAE,OAAO,EAAE,yBAAyB,EAAE,IAAI,EAAE,QAAQ,EAAE,UAAU,EAAE,WAAW,EAAE;QAC/E,sBAAsB;QACtB,EAAE,OAAO,EAAE,aAAa,EAAE,IAAI,EAAE,cAAc,EAAE,UAAU,EAAE,cAAc,EAAE;QAC5E,EAAE,OAAO,EAAE,yBAAyB,EAAE,IAAI,EAAE,cAAc,EAAE,UAAU,EAAE,cAAc,EAAE;QACxF,wBAAwB;QACxB,EAAE,OAAO,EAAE,2CAA2C,EAAE,IAAI,EAAE,SAAS,EAAE,UAAU,EAAE,SAAS,EAAE;QAChG,aAAa;QACb,EAAE,OAAO,EAAE,6BAA6B,EAAE,IAAI,EAAE,WAAW,EAAE,UAAU,EAAE,cAAc,EAAE;QACzF,EAAE,OAAO,EAAE,sCAAsC,EAAE,IAAI,EAAE,WAAW,EAAE,UAAU,EAAE,cAAc,EAAE;KACnG;IACD,UAAU,EAAE,EAAE,EAAE,kCAAkC;IAClD,MAAM,EAAE;QACN,iBAAiB;QACjB,EAAE,OAAO,EAAE,iEAAiE,EAAE,IAAI,EAAE,YAAY,EAAE,UAAU,EAAE,WAAW,EAAE;QAC3H,EAAE,OAAO,EAAE,0CAA0C,EAAE,IAAI,EAAE,QAAQ,EAAE,UAAU,EAAE,WAAW,EAAE;QAChG,EAAE,OAAO,EAAE,0CAA0C,EAAE,IAAI,EAAE,QAAQ,EAAE,UAAU,EAAE,WAAW,EAAE;QAChG,kBAAkB;QAClB,EAAE,OAAO,EAAE,qDAAqD,EAAE,IAAI,EAAE,YAAY,EAAE,UAAU,EAAE,WAAW,EAAE;QAC/G,cAAc;QACd,EAAE,OAAO,EAAE,kEAAkE,EAAE,IAAI,EAAE,SAAS,EAAE,UAAU,EAAE,SAAS,EAAE;QACvH,aAAa;QACb,EAAE,OAAO,EAAE,0BAA0B,EAAE,IAAI,EAAE,WAAW,EAAE,UAAU,EAAE,cAAc,EAAE;KACvF;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,aAAa,GAA+G;IAChI,UAAU,EAAE;QACV,MAAM;QACN,EAAE,OAAO,EAAE,mBAAmB,EAAE,IAAI,EAAE,WAAW,EAAE,SAAS,EAAE,UAAU,EAAE,QAAQ,EAAE,OAAO,EAAE;QAC7F,EAAE,OAAO,EAAE,qBAAqB,EAAE,IAAI,EAAE,WAAW,EAAE,SAAS,EAAE,UAAU,EAAE,QAAQ,EAAE,SAAS,EAAE;QACjG,EAAE,OAAO,EAAE,iBAAiB,EAAE,IAAI,EAAE,WAAW,EAAE,SAAS,EAAE,UAAU,EAAE,QAAQ,EAAE,KAAK,EAAE;QACzF,oBAAoB;QACpB,EAAE,OAAO,EAAE,gBAAgB,EAAE,IAAI,EAAE,cAAc,EAAE,SAAS,EAAE,UAAU,EAAE,QAAQ,EAAE,MAAM,EAAE;QAC5F,EAAE,OAAO,EAAE,oBAAoB,EAAE,IAAI,EAAE,cAAc,EAAE,SAAS,EAAE,UAAU,EAAE,QAAQ,EAAE,UAAU,EAAE;QACpG,EAAE,OAAO,EAAE,iBAAiB,EAAE,IAAI,EAAE,cAAc,EAAE,SAAS,EAAE,MAAM,EAAE,QAAQ,EAAE,OAAO,EAAE;QAC1F,OAAO;QACP,EAAE,OAAO,EAAE,gBAAgB,EAAE,IAAI,EAAE,MAAM,EAAE,SAAS,EAAE,UAAU,EAAE,QAAQ,EAAE,MAAM,EAAE;QACpF,EAAE,OAAO,EAAE,oBAAoB,EAAE,IAAI,EAAE,MAAM,EAAE,SAAS,EAAE,UAAU,EAAE,QAAQ,EAAE,UAAU,EAAE;QAC5F,EAAE,OAAO,EAAE,4BAA4B,EAAE,IAAI,EAAE,MAAM,EAAE,SAAS,EAAE,UAAU,EAAE,QAAQ,EAAE,iBAAiB,EAAE;QAC3G,cAAc;QACd,EAAE,OAAO,EAAE,8BAA8B,EAAE,IAAI,EAAE,YAAY,EAAE,SAAS,EAAE,MAAM,EAAE,QAAQ,EAAE,WAAW,EAAE;QACzG,EAAE,OAAO,EAAE,uCAAuC,EAAE,IAAI,EAAE,YAAY,EAAE,SAAS,EAAE,MAAM,EAAE,QAAQ,EAAE,cAAc,EAAE;QACrH,iBAAiB;QACjB,EAAE,OAAO,EAAE,kBAAkB,EAAE,IAAI,EAAE,aAAa,EAAE,SAAS,EAAE,MAAM,EAAE,QAAQ,EAAE,WAAW,EAAE;QAC9F,EAAE,OAAO,EAAE,2BAA2B,EAAE,IAAI,EAAE,aAAa,EAAE,SAAS,EAAE,MAAM,EAAE,QAAQ,EAAE,gBAAgB,EAAE;QAC5G,YAAY;QACZ,EAAE,OAAO,EAAE,yBAAyB,EAAE,IAAI,EAAE,UAAU,EAAE,SAAS,EAAE,QAAQ,EAAE,QAAQ,EAAE,cAAc,EAAE;QACvG,EAAE,OAAO,EAAE,qBAAqB,EAAE,IAAI,EAAE,UAAU,EAAE,SAAS,EAAE,QAAQ,EAAE,QAAQ,EAAE,eAAe,EAAE;KACrG;IACD,UAAU,EAAE,EAAE,EAAE,qBAAqB;IACrC,MAAM,EAAE;QACN,MAAM;QACN,EAAE,OAAO,EAAE,qBAAqB,EAAE,IAAI,EAAE,WAAW,EAAE,SAAS,EAAE,UAAU,EAAE,QAAQ,EAAE,SAAS,EAAE;QACjG,EAAE,OAAO,EAAE,2BAA2B,EAAE,IAAI,EAAE,WAAW,EAAE,SAAS,EAAE,UAAU,EAAE,QAAQ,EAAE,gBAAgB,EAAE;QAC9G,oBAAoB;QACpB,EAAE,OAAO,EAAE,sBAAsB,EAAE,IAAI,EAAE,cAAc,EAAE,SAAS,EAAE,UAAU,EAAE,QAAQ,EAAE,WAAW,EAAE;QACvG,EAAE,OAAO,EAAE,0CAA0C,EAAE,IAAI,EAAE,cAAc,EAAE,SAAS,EAAE,UAAU,EAAE,QAAQ,EAAE,YAAY,EAAE;QAC5H,OAAO;QACP,EAAE,OAAO,EAAE,gBAAgB,EAAE,IAAI,EAAE,MAAM,EAAE,SAAS,EAAE,UAAU,EAAE,QAAQ,EAAE,MAAM,EAAE;QACpF,EAAE,OAAO,EAAE,gBAAgB,EAAE,IAAI,EAAE,MAAM,EAAE,SAAS,EAAE,UAAU,EAAE,QAAQ,EAAE,MAAM,EAAE;QACpF,cAAc;QACd,EAAE,OAAO,EAAE,6BAA6B,EAAE,IAAI,EAAE,YAAY,EAAE,SAAS,EAAE,MAAM,EAAE,QAAQ,EAAE,aAAa,EAAE;KAC3G;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,kBAAkB,GAA+F;IACrH,UAAU,EAAE;QACV,EAAE,OAAO,EAAE,oBAAoB,EAAE,QAAQ,EAAE,YAAY,EAAE,YAAY,EAAE,CAAC,aAAa,CAAC,EAAE;QACxF,EAAE,OAAO,EAAE,sBAAsB,EAAE,QAAQ,EAAE,cAAc,EAAE,YAAY,EAAE,CAAC,aAAa,CAAC,EAAE;QAC5F,EAAE,OAAO,EAAE,wBAAwB,EAAE,QAAQ,EAAE,oBAAoB,EAAE,YAAY,EAAE,CAAC,aAAa,CAAC,EAAE;QACpG,EAAE,OAAO,EAAE,uBAAuB,EAAE,QAAQ,EAAE,oBAAoB,EAAE,YAAY,EAAE,CAAC,UAAU,EAAE,WAA2B,CAAC,EAAE;QAC7H,EAAE,OAAO,EAAE,sCAAsC,EAAE,QAAQ,EAAE,oBAAoB,EAAE,YAAY,EAAE,CAAC,WAAW,CAAC,EAAE;QAChH,EAAE,OAAO,EAAE,WAAW,EAAE,QAAQ,EAAE,qBAAqB,EAAE,YAAY,EAAE,CAAC,WAAW,CAAC,EAAE;KACvF;IACD,MAAM,EAAE;QACN,EAAE,OAAO,EAAE,WAAW,EAAE,QAAQ,EAAE,QAAQ,EAAE,YAAY,EAAE,CAAC,aAAa,CAAC,EAAE;QAC3E,EAAE,OAAO,EAAE,kBAAkB,EAAE,QAAQ,EAAE,cAAc,EAAE,YAAY,EAAE,CAAC,aAAa,CAAC,EAAE;QACxF,EAAE,OAAO,EAAE,UAAU,EAAE,QAAQ,EAAE,OAAO,EAAE,YAAY,EAAE,CAAC,WAAW,CAAC,EAAE;QACvE,EAAE,OAAO,EAAE,UAAU,EAAE,QAAQ,EAAE,eAAe,EAAE,YAAY,EAAE,CAAC,WAAW,CAAC,EAAE;KAChF;CACF,CAAC;AAEF,yBAAyB;AACzB,eAAe,CAAC,UAAU,GAAG,eAAe,CAAC,UAAU,CAAC;AACxD,aAAa,CAAC,UAAU,GAAG,aAAa,CAAC,UAAU,CAAC;AACpD,kBAAkB,CAAC,UAAU,GAAG,kBAAkB,CAAC,UAAU,CAAC;AAE9D,+EAA+E;AAC/E,qBAAqB;AACrB,+EAA+E;AAE/E;;GAEG;AACH,SAAS,WAAW,CAAC,QAAgB;IACnC,MAAM,GAAG,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC,WAAW,EAAE,CAAC;IAC5C,MAAM,OAAO,GAA2B;QACtC,KAAK,EAAE,YAAY;QACnB,MAAM,EAAE,YAAY;QACpB,MAAM,EAAE,YAAY;QACpB,MAAM,EAAE,YAAY;QACpB,KAAK,EAAE,YAAY;QACnB,MAAM,EAAE,YAAY;QACpB,KAAK,EAAE,QAAQ;KAChB,CAAC;IACF,OAAO,OAAO,CAAC,GAAG,CAAC,IAAI,SAAS,CAAC;AACnC,CAAC;AAED;;GAEG;AACH,SAAS,UAAU,CAAC,MAAc;IAChC,OAAO,GAAG,MAAM,IAAI,IAAI,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC;AAC1F,CAAC;AAED;;GAEG;AACH,SAAS,aAAa,CAAC,OAAe,EAAE,QAAgB;IACtD,OAAO,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC;AACvD,CAAC;AAED;;GAEG;AACH,SAAS,UAAU,CAAC,OAAe,EAAE,IAAY,EAAE,YAAY,GAAG,CAAC;IACjE,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAClC,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,GAAG,YAAY,GAAG,CAAC,CAAC,CAAC;IACnD,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,IAAI,GAAG,YAAY,CAAC,CAAC;IACxD,OAAO,KAAK,CAAC,KAAK,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC5C,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,qBAAqB,CAClC,QAAgB,EAChB,OAAe;IAEf,MAAM,QAAQ,GAAG,WAAW,CAAC,QAAQ,CAAC,CAAC;IACvC,MAAM,QAAQ,GAAG,eAAe,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;IACjD,MAAM,OAAO,GAAiB,EAAE,CAAC;IAEjC,KAAK,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,IAAI,QAAQ,EAAE,CAAC;QACrD,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC;QACxD,IAAI,KAAK,CAAC;QAEV,OAAO,CAAC,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;YAC9C,MAAM,IAAI,GAAG,aAAa,CAAC,OAAO,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC;YACjD,OAAO,CAAC,IAAI,CAAC;gBACX,EAAE,EAAE,UAAU,CAAC,KAAK,CAAC;gBACrB,IAAI;gBACJ,QAAQ,EAAE;oBACR,IAAI,EAAE,QAAQ;oBACd,IAAI;oBACJ,OAAO,EAAE,UAAU,CAAC,OAAO,EAAE,IAAI,CAAC;iBACnC;gBACD,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC;gBAClB,UAAU;gBACV,WAAW,EAAE,GAAG,IAAI,OAAO,QAAQ,IAAI,IAAI,EAAE;gBAC7C,OAAO,EAAE,OAAO,CAAC,MAAM;aACxB,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,mBAAmB,CAChC,QAAgB,EAChB,OAAe;IAEf,MAAM,QAAQ,GAAG,WAAW,CAAC,QAAQ,CAAC,CAAC;IACvC,MAAM,QAAQ,GAAG,aAAa,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;IAC/C,MAAM,KAAK,GAAe,EAAE,CAAC;IAE7B,KAAK,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,QAAQ,EAAE,EAAE,EAAE,IAAI,QAAQ,EAAE,CAAC;QAClE,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC;QACxD,IAAI,KAAK,CAAC;QAEV,OAAO,CAAC,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;YAC9C,MAAM,IAAI,GAAG,aAAa,CAAC,OAAO,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC;YACjD,KAAK,CAAC,IAAI,CAAC;gBACT,EAAE,EAAE,UAAU,CAAC,MAAM,CAAC;gBACtB,IAAI;gBACJ,QAAQ,EAAE;oBACR,IAAI,EAAE,QAAQ;oBACd,IAAI;oBACJ,OAAO,EAAE,UAAU,CAAC,OAAO,EAAE,IAAI,CAAC;iBACnC;gBACD,QAAQ,EAAE,EAAE;gBACZ,SAAS;gBACT,WAAW,EAAE,GAAG,IAAI,KAAK,EAAE,QAAQ,QAAQ,IAAI,IAAI,EAAE;gBACrD,OAAO,EAAE,OAAO,CAAC,MAAM;aACxB,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,wBAAwB,CACrC,QAAgB,EAChB,OAAe;IAEf,MAAM,QAAQ,GAAG,WAAW,CAAC,QAAQ,CAAC,CAAC;IACvC,MAAM,QAAQ,GAAG,kBAAkB,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;IACpD,MAAM,UAAU,GAAgB,EAAE,CAAC;IAEnC,KAAK,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,YAAY,EAAE,IAAI,QAAQ,EAAE,CAAC;QAC/D,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC;QACxD,IAAI,KAAK,CAAC;QAEV,OAAO,CAAC,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;YAC9C,MAAM,IAAI,GAAG,aAAa,CAAC,OAAO,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC;YACjD,UAAU,CAAC,IAAI,CAAC;gBACd,EAAE,EAAE,UAAU,CAAC,KAAK,CAAC;gBACrB,QAAQ,EAAE,EAAE;gBACZ,QAAQ,EAAE;oBACR,IAAI,EAAE,QAAQ;oBACd,IAAI;oBACJ,OAAO,EAAE,UAAU,CAAC,OAAO,EAAE,IAAI,CAAC;iBACnC;gBACD,YAAY;gBACZ,WAAW,EAAE,aAAa,EAAE,OAAO,QAAQ,IAAI,IAAI,EAAE;aACtD,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO,UAAU,CAAC;AACpB,CAAC;AAED;;GAEG;AACH,SAAS,mBAAmB,CAC1B,MAAkB,EAClB,IAAc,EACd,UAAuB;IAEvB,kEAAkE;IAClE,4EAA4E;IAC5E,MAAM,kBAAkB,GAAG,UAAU,CAAC,MAAM,CAC1C,CAAC,CAAC,EAAE,EAAE,CACJ,CAAC,CAAC,QAAQ,CAAC,IAAI,KAAK,MAAM,CAAC,QAAQ,CAAC,IAAI;QACxC,CAAC,CAAC,QAAQ,CAAC,IAAI,KAAK,IAAI,CAAC,QAAQ,CAAC,IAAI;QACtC,CAAC,CAAC,QAAQ,CAAC,IAAI,GAAG,MAAM,CAAC,QAAQ,CAAC,IAAI;QACtC,CAAC,CAAC,QAAQ,CAAC,IAAI,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI;QACpC,CAAC,CAAC,YAAY,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CACrC,CAAC;IAEF,OAAO;QACL,SAAS,EAAE,kBAAkB,CAAC,MAAM,GAAG,CAAC;QACxC,kBAAkB,EAAE,kBAAkB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC;KAC9D,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAS,iBAAiB,CACxB,MAAkB,EAClB,IAAc,EACd,SAAkB;IAElB,IAAI,SAAS,EAAE,CAAC;QACd,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,IAAI,MAAM,CAAC,UAAU,KAAK,WAAW,EAAE,CAAC;QACtC,IAAI,IAAI,CAAC,SAAS,KAAK,UAAU;YAAE,OAAO,UAAU,CAAC;QACrD,IAAI,IAAI,CAAC,SAAS,KAAK,MAAM;YAAE,OAAO,MAAM,CAAC;QAC7C,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,IAAI,MAAM,CAAC,UAAU,KAAK,cAAc,EAAE,CAAC;QACzC,IAAI,IAAI,CAAC,SAAS,KAAK,UAAU;YAAE,OAAO,MAAM,CAAC;QACjD,IAAI,IAAI,CAAC,SAAS,KAAK,MAAM;YAAE,OAAO,QAAQ,CAAC;QAC/C,OAAO,KAAK,CAAC;IACf,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;GAEG;AACH,SAAS,aAAa,CACpB,OAAqB,EACrB,KAAiB,EACjB,UAAuB;IAEvB,MAAM,KAAK,GAAmB,EAAE,CAAC;IAEjC,6DAA6D;IAC7D,kEAAkE;IAClE,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;QAC7B,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,+DAA+D;YAC/D,IAAI,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;gBAChD,SAAS;YACX,CAAC;YAED,0CAA0C;YAC1C,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,IAAI,MAAM,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;gBAC/C,SAAS;YACX,CAAC;YAED,MAAM,EAAE,SAAS,EAAE,kBAAkB,EAAE,GAAG,mBAAmB,CAC3D,MAAM,EACN,IAAI,EACJ,UAAU,CACX,CAAC;YAEF,MAAM,SAAS,GAAG,iBAAiB,CAAC,MAAM,EAAE,IAAI,EAAE,SAAS,CAAC,CAAC;YAE7D,KAAK,CAAC,IAAI,CAAC;gBACT,MAAM;gBACN,IAAI;gBACJ,IAAI,EAAE,CAAC,MAAM,CAAC,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC;gBACtC,sBAAsB,EAAE,SAAS;gBACjC,kBAAkB,EAAE,SAAS,CAAC,CAAC,CAAC,kBAAkB,CAAC,CAAC,CAAC,SAAS;gBAC9D,SAAS;gBACT,WAAW,EAAE,SAAS;oBACpB,CAAC,CAAC,uBAAuB,MAAM,CAAC,IAAI,OAAO,IAAI,CAAC,IAAI,EAAE;oBACtD,CAAC,CAAC,eAAe,MAAM,CAAC,UAAU,kBAAkB,IAAI,CAAC,IAAI,EAAE;aAClE,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED,+EAA+E;AAC/E,aAAa;AACb,+EAA+E;AAE/E;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,WAAmB,EACnB,KAAgB;IAEhB,MAAM,UAAU,GAAiB,EAAE,CAAC;IACpC,MAAM,QAAQ,GAAe,EAAE,CAAC;IAChC,MAAM,aAAa,GAAgB,EAAE,CAAC;IAEtC,oDAAoD;IACpD,6CAA6C;IAC7C,MAAM,cAAc,GAAG,KAAK,IAAI,EAAE,CAAC;IAEnC,KAAK,MAAM,QAAQ,IAAI,cAAc,EAAE,CAAC;QACtC,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,IAAI,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;YAC7C,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;YAElD,MAAM,OAAO,GAAG,MAAM,qBAAqB,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;YAC/D,MAAM,KAAK,GAAG,MAAM,mBAAmB,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;YAC3D,MAAM,UAAU,GAAG,MAAM,wBAAwB,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;YAErE,UAAU,CAAC,IAAI,CAAC,GAAG,OAAO,CAAC,CAAC;YAC5B,QAAQ,CAAC,IAAI,CAAC,GAAG,KAAK,CAAC,CAAC;YACxB,aAAa,CAAC,IAAI,CAAC,GAAG,UAAU,CAAC,CAAC;QACpC,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,CAAC,IAAI,CAAC,2BAA2B,EAAE;gBACvC,IAAI,EAAE,QAAQ;gBACd,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;aAC9D,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,MAAM,KAAK,GAAG,aAAa,CAAC,UAAU,EAAE,QAAQ,EAAE,aAAa,CAAC,CAAC;IACjE,MAAM,UAAU,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,sBAAsB,CAAC,CAAC;IAClE,MAAM,cAAc,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,sBAAsB,CAAC,CAAC;IAErE,OAAO;QACL,OAAO,EAAE,UAAU;QACnB,KAAK,EAAE,QAAQ;QACf,UAAU,EAAE,aAAa;QACzB,KAAK;QACL,KAAK,EAAE;YACL,YAAY,EAAE,UAAU,CAAC,MAAM;YAC/B,UAAU,EAAE,QAAQ,CAAC,MAAM;YAC3B,eAAe,EAAE,aAAa,CAAC,MAAM;YACrC,UAAU,EAAE,KAAK,CAAC,MAAM;YACxB,UAAU,EAAE,UAAU,CAAC,MAAM;YAC7B,cAAc,EAAE,cAAc,CAAC,MAAM;SACtC;KACF,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,aAAa,CAAC,OAAwB;IACpD,OAAO,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,sBAAsB,CAAC,CAAC;AAChE,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,kBAAkB,CAChC,OAAwB,EACxB,QAAkB;IAElB,OAAO,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,KAAK,QAAQ,CAAC,CAAC;AAC/D,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,mBAAmB,CACjC,UAA0B,EAC1B,QAAQ,GAAG,EAAE;IAEb,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC;IAE5C,IAAI,MAAM,GAAG,iCAAiC,CAAC;IAC/C,MAAM,IAAI,SAAS,UAAU,CAAC,MAAM,wCAAwC,KAAK,CAAC,MAAM,OAAO,CAAC;IAEhG,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,MAAM,IAAI,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,MAAM,IAAI,CAAC,IAAI,CAAC,IAAI,KAAK,IAAI,CAAC,SAAS,OAAO,CAAC;QAC/E,MAAM,IAAI,eAAe,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,IAAI,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC;QACpF,MAAM,IAAI,WAAW,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,OAAO,IAAI,IAAI,CAAC,MAAM,CAAC,QAAQ,cAAc,CAAC;QACxF,MAAM,IAAI,aAAa,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,IAAI,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC;QAC9E,MAAM,IAAI,WAAW,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,OAAO,IAAI,IAAI,CAAC,IAAI,CAAC,QAAQ,cAAc,CAAC;QACpF,MAAM,IAAI,aAAa,IAAI,CAAC,WAAW,aAAa,CAAC;IACvD,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC"}

package/dist/analysis/index.d.ts

@@ -0,0 +1,9 @@
+/**
+ * Analysis Module
+ *
+ * Advanced code analysis capabilities including data flow tracking.
+ *
+ * @module analysis
+ */
+export * from "./data-flow.js";
+//# sourceMappingURL=index.d.ts.map

package/dist/analysis/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/analysis/index.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,cAAc,gBAAgB,CAAC"}

package/dist/analysis/index.js

@@ -0,0 +1,9 @@
+/**
+ * Analysis Module
+ *
+ * Advanced code analysis capabilities including data flow tracking.
+ *
+ * @module analysis
+ */
+export * from "./data-flow.js";
+//# sourceMappingURL=index.js.map

package/dist/analysis/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/analysis/index.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,cAAc,gBAAgB,CAAC"}

package/dist/badge-service/index.d.ts

@@ -0,0 +1,144 @@
+/**
+ * Badge Service
+ *
+ * HTTP service for serving certification badges with verification endpoints.
+ * Designed for deployment on Vercel/Cloudflare edge with caching.
+ *
+ * @module badge-service
+ */
+import type { CertificationLevel } from "../certification/types.js";
+/**
+ * Certification record for badge lookup
+ */
+export interface CertificationRecord {
+    /** Unique certification ID */
+    id: string;
+    /** Project identifier (hashed) */
+    projectHash: string;
+    /** Certification level */
+    level: CertificationLevel;
+    /** Overall score (0-100) */
+    score: number;
+    /** When certification was issued */
+    issuedAt: string;
+    /** Expiration date (30 days from issue) */
+    expiresAt: string;
+    /** Sigstore bundle for verification */
+    sigstoreBundle?: {
+        mediaType: string;
+        verificationMaterial: Record<string, unknown>;
+        messageSignature: Record<string, unknown>;
+    };
+    /** Rekor transparency log index */
+    rekorLogIndex?: number;
+    /** Signature URL for verification */
+    signatureUrl?: string;
+    /** Certificate URL for verification */
+    certUrl?: string;
+}
+/**
+ * Verification response
+ */
+export interface VerificationResponse {
+    /** Whether the certification is valid */
+    valid: boolean;
+    /** Certification ID */
+    certificationId: string;
+    /** Certification level if valid */
+    level?: CertificationLevel;
+    /** Score if valid */
+    score?: number;
+    /** Issue date */
+    issuedAt?: string;
+    /** Expiration date */
+    expiresAt?: string;
+    /** Whether it's expired */
+    expired?: boolean;
+    /** Sigstore bundle if available */
+    sigstoreBundle?: CertificationRecord["sigstoreBundle"];
+    /** Rekor log index if available */
+    rekorLogIndex?: number;
+    /** Verification command for CLI */
+    verifyCommand?: string;
+    /** Error message if invalid */
+    error?: string;
+}
+/**
+ * Badge embed code formats
+ */
+export interface BadgeEmbedCode {
+    /** Markdown format */
+    markdown: string;
+    /** HTML format */
+    html: string;
+    /** Badge URL */
+    url: string;
+    /** Verification URL */
+    verifyUrl: string;
+}
+/**
+ * Interface for certification storage
+ */
+export interface CertificationStorage {
+    /** Get certification by ID */
+    getCertification(id: string): Promise<CertificationRecord | null>;
+    /** Store a certification */
+    storeCertification(record: CertificationRecord): Promise<void>;
+    /** List all certifications */
+    listCertifications(): Promise<CertificationRecord[]>;
+}
+/**
+ * In-memory storage for development/testing
+ */
+export declare class MemoryCertificationStorage implements CertificationStorage {
+    private certifications;
+    getCertification(id: string): Promise<CertificationRecord | null>;
+    storeCertification(record: CertificationRecord): Promise<void>;
+    listCertifications(): Promise<CertificationRecord[]>;
+}
+/**
+ * Generate an expired/invalid badge SVG
+ */
+export declare function generateExpiredBadgeSvg(): string;
+/**
+ * Generate a not-found badge SVG
+ */
+export declare function generateNotFoundBadgeSvg(): string;
+/**
+ * Check if a certification is expired
+ */
+export declare function isExpired(cert: CertificationRecord, graceMinutes?: number): boolean;
+/**
+ * Add days to a date
+ */
+export declare function addDays(dateStr: string, days: number): string;
+/**
+ * Generate embed code for a certification badge
+ */
+export declare function generateBadgeEmbedCode(certificationId: string, baseUrl?: string): BadgeEmbedCode;
+/**
+ * Handle badge SVG request
+ */
+export declare function handleBadgeRequest(certId: string, storage: CertificationStorage): Promise<{
+    svg: string;
+    status: number;
+    headers: Record<string, string>;
+}>;
+/**
+ * Handle verification request
+ */
+export declare function handleVerifyRequest(certId: string, storage: CertificationStorage): Promise<{
+    json: VerificationResponse;
+    status: number;
+}>;
+/**
+ * Handle embed code request
+ */
+export declare function handleEmbedRequest(certId: string, storage: CertificationStorage, baseUrl?: string): Promise<{
+    json: BadgeEmbedCode | {
+        error: string;
+    };
+    status: number;
+}>;
+export { generateBadgeSvg, generateScoreBadgeSvg, } from "../certification/badge.js";
+//# sourceMappingURL=index.d.ts.map

package/dist/badge-service/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/badge-service/index.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,2BAA2B,CAAC;AAOpE;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC,8BAA8B;IAC9B,EAAE,EAAE,MAAM,CAAC;IAEX,kCAAkC;IAClC,WAAW,EAAE,MAAM,CAAC;IAEpB,0BAA0B;IAC1B,KAAK,EAAE,kBAAkB,CAAC;IAE1B,4BAA4B;IAC5B,KAAK,EAAE,MAAM,CAAC;IAEd,oCAAoC;IACpC,QAAQ,EAAE,MAAM,CAAC;IAEjB,2CAA2C;IAC3C,SAAS,EAAE,MAAM,CAAC;IAElB,uCAAuC;IACvC,cAAc,CAAC,EAAE;QACf,SAAS,EAAE,MAAM,CAAC;QAClB,oBAAoB,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QAC9C,gBAAgB,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;KAC3C,CAAC;IAEF,mCAAmC;IACnC,aAAa,CAAC,EAAE,MAAM,CAAC;IAEvB,qCAAqC;IACrC,YAAY,CAAC,EAAE,MAAM,CAAC;IAEtB,uCAAuC;IACvC,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC,yCAAyC;IACzC,KAAK,EAAE,OAAO,CAAC;IAEf,uBAAuB;IACvB,eAAe,EAAE,MAAM,CAAC;IAExB,mCAAmC;IACnC,KAAK,CAAC,EAAE,kBAAkB,CAAC;IAE3B,qBAAqB;IACrB,KAAK,CAAC,EAAE,MAAM,CAAC;IAEf,iBAAiB;IACjB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB,sBAAsB;IACtB,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB,2BAA2B;IAC3B,OAAO,CAAC,EAAE,OAAO,CAAC;IAElB,mCAAmC;IACnC,cAAc,CAAC,EAAE,mBAAmB,CAAC,gBAAgB,CAAC,CAAC;IAEvD,mCAAmC;IACnC,aAAa,CAAC,EAAE,MAAM,CAAC;IAEvB,mCAAmC;IACnC,aAAa,CAAC,EAAE,MAAM,CAAC;IAEvB,+BAA+B;IAC/B,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,sBAAsB;IACtB,QAAQ,EAAE,MAAM,CAAC;IAEjB,kBAAkB;IAClB,IAAI,EAAE,MAAM,CAAC;IAEb,gBAAgB;IAChB,GAAG,EAAE,MAAM,CAAC;IAEZ,uBAAuB;IACvB,SAAS,EAAE,MAAM,CAAC;CACnB;AAMD;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC,8BAA8B;IAC9B,gBAAgB,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,mBAAmB,GAAG,IAAI,CAAC,CAAC;IAElE,4BAA4B;IAC5B,kBAAkB,CAAC,MAAM,EAAE,mBAAmB,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAE/D,8BAA8B;IAC9B,kBAAkB,IAAI,OAAO,CAAC,mBAAmB,EAAE,CAAC,CAAC;CACtD;AAED;;GAEG;AACH,qBAAa,0BAA2B,YAAW,oBAAoB;IACrE,OAAO,CAAC,cAAc,CAA+C;IAE/D,gBAAgB,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,mBAAmB,GAAG,IAAI,CAAC;IAIjE,kBAAkB,CAAC,MAAM,EAAE,mBAAmB,GAAG,OAAO,CAAC,IAAI,CAAC;IAI9D,kBAAkB,IAAI,OAAO,CAAC,mBAAmB,EAAE,CAAC;CAG3D;AAMD;;GAEG;AACH,wBAAgB,uBAAuB,IAAI,MAAM,CAyBhD;AAED;;GAEG;AACH,wBAAgB,wBAAwB,IAAI,MAAM,CAyBjD;AAMD;;GAEG;AACH,wBAAgB,SAAS,CAAC,IAAI,EAAE,mBAAmB,EAAE,YAAY,SAAI,GAAG,OAAO,CAK9E;AAED;;GAEG;AACH,wBAAgB,OAAO,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,MAAM,CAI7D;AAMD;;GAEG;AACH,wBAAgB,sBAAsB,CACpC,eAAe,EAAE,MAAM,EACvB,OAAO,SAA+B,GACrC,cAAc,CAUhB;AAMD;;GAEG;AACH,wBAAsB,kBAAkB,CACtC,MAAM,EAAE,MAAM,EACd,OAAO,EAAE,oBAAoB,GAC5B,OAAO,CAAC;IAAE,GAAG,EAAE,MAAM,CAAC;IAAC,MAAM,EAAE,MAAM,CAAC;IAAC,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;CAAE,CAAC,CA6B3E;AAED;;GAEG;AACH,wBAAsB,mBAAmB,CACvC,MAAM,EAAE,MAAM,EACd,OAAO,EAAE,oBAAoB,GAC5B,OAAO,CAAC;IAAE,IAAI,EAAE,oBAAoB,CAAC;IAAC,MAAM,EAAE,MAAM,CAAA;CAAE,CAAC,CAiCzD;AAED;;GAEG;AACH,wBAAsB,kBAAkB,CACtC,MAAM,EAAE,MAAM,EACd,OAAO,EAAE,oBAAoB,EAC7B,OAAO,SAA+B,GACrC,OAAO,CAAC;IAAE,IAAI,EAAE,cAAc,GAAG;QAAE,KAAK,EAAE,MAAM,CAAA;KAAE,CAAC;IAAC,MAAM,EAAE,MAAM,CAAA;CAAE,CAAC,CAcvE;AAMD,OAAO,EACL,gBAAgB,EAChB,qBAAqB,GACtB,MAAM,2BAA2B,CAAC"}